Security worries keep many from banking online

[InfoSec News <isn () c4i org>]

http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7388475.htm

By Anuradha Raghunathan
Dallas Morning News
Dec. 01, 2003

Alma Villalpando, a program director at Eastfield College in Mesquite, 
Texas, says she's comfortable using a computer. She even offers 
training programs on cybersecurity.

But when it comes to online banking, it's a firm, ``No.''

``I don't trust it,'' she said, citing a lack of reassurance from her 
bank. ``Not once have I received a statement saying, `These are the 
steps we are taking to secure your identity.'''

While online banking is growing, some consumers, such as Villalpando, 
still shun it. She echoes what recent studies have revealed: Security 
is the top reason some consumers give for not taking advantage of the 
convenience of online banking and bill paying.

Bankers, meanwhile, are trying various strategies to change consumers' 
minds, slashing bill-pay fees and offering access to online services 
at bank branches. Banks say they're eager to boost their online 
accounts because those customers are more loyal and maintain bigger 
balances.

Bankers also are working to educate consumers on the safety of 
Internet banking.

But ``there's definitely a gap,'' said George Tubin, senior analyst at 
TowerGroup, a research and advisory firm that focuses on the financial 
services industry. ``Some banks have not done as good a job as others 
in addressing security concerns of consumers.''

Yet online banking is increasing after a slow start in the late 1990s. 
As a rule, major banks say about 40 percent of their checking account 
holders use online banking.

Wells Fargo & Co. says its online banking customer base in the 
Dallas-Fort Worth area has jumped 52 percent in the last year, to 
nearly 130,000 customers. The bank has 510,000 online customers in 
Texas.

Bank of America Corp. reported a more than 50 percent increase in its 
online customer base over the last year. It has nearly 6.2 million 
online banking customers nationwide.

Bank One Corp. saw a 65 percent surge in online banking from the third 
quarter of last year to the third quarter of this year. It has 2.2 
million online banking customers.

But security concerns haunt consumers. InsightExpress, a market 
research company, found in a September survey that security was the 
top disadvantage associated with paying bills online.

In an April poll, TowerGroup also found that the primary reason for 
not using the online service was security concerns.

Tubin also pointed out in a research note that, ``The banking industry 
must confront consumers' e-security concerns head-on if consumers' 
mass-adoption of Internet banking is to continue.''

Not all bankers, however, see security as an impediment. They say that 
as Internet connection speeds improve, the service will continue to 
grow.

As for the nonadopters, ``There'll always be a segment of customers 
who opt out,'' said Kevin Watters, who heads the consumer Internet 
group at Bank One. ``There is a fear of the unknown for people who 
have historically not grown up using the Web.''

But for some consumers, it's the fear of the known.

Well-publicized online scams scare users and nonusers alike.

For instance, a recent scam affected online bank customers at 18 banks 
around the world -- including Bank of America and Citigroup Inc.

In the scam, a ``phishing'' e-mail asked consumers to click on a 
hyperlink to Web sites that looked like their bank sites. These fake 
sites asked the recipients to update passwords and personal details 
that were then used to commit fraud.

While bankers acknowledge these vulnerabilities, they say consumers 
should make a distinction between Internet scams and online banking.

In many cases, fraud happens when consumers give out password 
information without verifying whom they are providing it to, experts 
say.

``You should make sure you don't give your user name and password to 
anyone,'' Watters said. ``This is very similar to ATM safety. I don't 
think the Web has changed any of that.''

Bankers say the Internet is just another medium through which personal 
information is collected fraudulently. It's similar to getting data by 
overhearing someone or by stealing mail from a mailbox, they say.

But experts say consumers have a hard time measuring the intensity of 
the problem, because banks don't release details about online bank 
account frauds, such as their frequency or how much money is lost.

Some banks stand behind their security efforts by offering zero-dollar 
liability guarantees. In other words, if anything goes wrong in an 
online transaction, the bank will pick up the tab. Bank of America, 
Bank One and Wells Fargo offer these guarantees.

But they require consumers to do their part by putting in personal 
firewalls and safeguarding their account information and passwords. 
They also expect consumers to report fraudulent activity to the bank 
as soon as they spot it. A lot of this information is buried deep in 
customer agreements and often isn't read or understood.

Meanwhile, bankers also tout the safety benefits of banking online, 
such as the fact that customers can monitor their accounts more 
frequently and notice any discrepancies.

``Online banking offers the opportunity for consumers to regularly 
look at their financial information and make sure that everything is 
correct,'' said Gary Hudson, community banking district manager at 
Wells Fargo. ``We believe it'll lower their possibility of becoming 
victims of identity theft.''

Another advantage is that consumers don't have to receive their 
statements in the mail and risk having them stolen.

``I guess it's a trade-off,'' said Joanna Crane, manager of the 
Federal Trade Commission's identity theft program. ``Consumers need to 
understand that they are vulnerable to having their information stolen 
in an offline environment with as much probability as in an online 
environment.''

Experts say consumers have to learn to manage that threat. But for 
banking clients such as Villalpando, it all boils down to how safe 
they feel.

``I don't think I see anything new to help the customer feel 
reassured,'' she said. ``Spell out the security measures. Give me that 
type of security.''



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.